From c75164899fb0d242022338d67144c06be7c5b32f Mon Sep 17 00:00:00 2001
From: Robin Lu <bin1.lu@intel.com>
Date: Fri, 22 Nov 2019 16:08:13 +0800
Subject: [PATCH] Update sudo srpm for CVE bug

To fix below CVE, we will use sudo-1.8.23-4.el7_7.1.src.rpm
https://lists.centos.org/pipermail/centos-announce/2019-October/023499.html

CVE bug: CVE-2019-14287: sudo: can bypass certain policy blacklists

Closes-Bug: 1852825

Change-Id: Iaafc053fe6e3b58468b5fa7c47dbc0f61a2d3c44
Signed-off-by: Robin Lu <bin1.lu@intel.com>
---
 centos-mirror-tools/rpms_centos.lst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/centos-mirror-tools/rpms_centos.lst b/centos-mirror-tools/rpms_centos.lst
index 68d948d4..a26418f4 100644
--- a/centos-mirror-tools/rpms_centos.lst
+++ b/centos-mirror-tools/rpms_centos.lst
@@ -1672,7 +1672,7 @@ stix-math-fonts-1.1.0-5.el7.noarch.rpm
 strace-4.12-9.el7.x86_64.rpm
 subversion-1.7.14-14.el7.x86_64.rpm
 subversion-libs-1.7.14-14.el7.x86_64.rpm
-sudo-1.8.23-3.el7.src.rpm
+sudo-1.8.23-4.el7_7.1.src.rpm
 supermin5-5.1.19-1.el7.x86_64.rpm
 swig-2.0.10-5.el7.x86_64.rpm
 sysfsutils-2.1.0-16.el7.x86_64.rpm